Nearly three years after the last major release of Nmap, version 6.0 of the open source network scanner has been released. Nmap is a popular utility for scanning and mapping network ranges to extract information about the systems attached to the network and the network's topology. In version 6.0, the developers have added full IPv6 support while enhancing Nmap's scripting engine, web scanning, mapping GUI and scanning performance, while also introducing a new tool called Nping.
Nmap has had basic IPv6 support since 2002, but with the IPv4 address exhaustion, the Nmap developers spent some months ensuring that Nmap had full IPv6 support, complete with a new IPv6 OS detection system, host discovery and raw packet port scanning.
The Nmap Scripting Engine (NSE) system for automating networking tasks with Lua scripts has, say the developers, "exploded in popularity and capabilities". The number of bundled NSE scripts has grown from 59 to 348, including 44 new protocol information query scripts for information gathering from, for example Hadoop, Bitcoin and VNC, and 27 scripts for adding new targets to the scanning queue.
The web scanning capabilities in Nmap have been enhanced with the addition of new techniques for performing various HTTP tasks including brute force authentication cracking and web site spidering. There are now 54 scripts for scanning web servers, up from just 6; ranging from grabbing the title or favicon of the root page of a server to retrieving SSL certificates. The underlying HTTP library now supports pipelining and caches responses (to avoid multiple requests when a number of scripts are running).
No comments:
Post a Comment